Hi, i was wondering in these days of webhost's servers being down when you need them the most, is it possible to configure one's nameservers (at the registrar level) to look for the secondary (backup) host when the primary host is down? This of course would entail one having to have 2 hosting accounts and paying for them. i believe registrars (powerpipe in my case) have fields for up to 4 name servers and hosting companies give you info for 2 fields, typically ns1 and ns2. can the other 2 fields be a ns1 and ns2 of the secondary hosting company. will this work in a real world when the primary host is down. any info (step by step) will be much appreciated.

That's not what multiple nameservers are for... all the nameservers have to agree.

What you want is to configure your nameservers to point to multiple IP addresses, using multiple A records for each domain.

i only have one static domain. could you please run that by me again in newbie terms. 2 ip address i can understand, one of the primary host and one of the secondary host. there's only one domain which will be identical on both hosts. what's this multiple A record? Are these configurations made at the registrar level or hosting company level?


Originally posted by inimino
That's not what multiple nameservers are for... all the nameservers have to agree.

What you want is to configure your nameservers to point to multiple IP addresses, using multiple A records for each domain.

Originally posted by plal
i only have one static domain. could you please run that by me again in newbie terms.

sure, I'll do my best :)

2 ip address i can understand, one of the primary host and one of the secondary host. there's only one domain which will be identical on both hosts. what's this multiple A record?

That's how you set up failover using DNS. Instead of using an A record to resolve your domain to a single IP address, you want it to resolve to more than one IP address. Then if a browser is connecting to your domain, and one IP address is unreachable it will try the other IP address.
Are these configurations made at the registrar level or hosting company level?

They are made on the authoritative nameservers. You might be using your registrar's nameservers or your host's nameservers.

That's how you set up failover using DNS. Instead of using an A record to resolve your domain to a single IP address, you want it to resolve to more than one IP address. Then if a browser is connecting to your domain, and one IP address is unreachable it will try the other IP address.


hi,
are you sure about this ? dns server returns answers using RR algorithm, so you can receive ip address of host a, that is currently down - or b, but both of them ?

if zone file is:

sth.domain.com IN A 192.168.1.2
sth.domain.com IN A 192.168.1.3

with query type A will you receive two addresses in answer ?

--
ojama

Hello,
It will go to each address in turn if it's set up like a round robin. The problem with this is that if the server with IP address ending in 2 goes down then this wouldnt mean that all visitors are going to 3. It means that 50% are still redirected to a good server and the others to a bad.

To have more redundancy it might be best to lower the TTL times if possible and then have DNS1 on server1. DNS2 on server2 and then if the site dies then you have 1 DNS server still answering and you then just manually configure it to point to what ever server. When the TTL expires it will then direct all traffic to the new location.

Originally posted by ojama

if zone file is:

sth.domain.com IN A 192.168.1.2
sth.domain.com IN A 192.168.1.3

with query type A will you receive two addresses in answer ?



Yes, you will recieve two addresses. The "round robin" algorithms you are referring to is how the nameserver *orders* the records it returns. So half the time it will return
192.168.1.2
192.168.1.3
and the other times, the answer will be reversed:
192.168.1.3
192.168.1.2

Clients try the IP addresses in the order they are listed. So it works for load balancing, but clients can also have a crack at a second IP address in case one is down.

Hello,
The IP would need to be removed out of the DNS for the server that is down because traffic would still be routed to it. Round Robin works good as a nice (cheap) load balancing set up where you can send traffic across several servers to share the work load. But isnt the best for high availability. The DNS needs to time out for the client who has the bad IP cached and the bad IP needs to be removed till the server is back online. This is where the problems come in. It will help with more availability in the event of a failure but down time would still happen for half of the visitors in a 2 server setup.

Originally posted by Stormhosts

It will help with more availability in the event of a failure but down time would still happen for half of the visitors in a 2 server setup.

The site will be available, but there will be a delay. Clients connect to the first IP address they get, and when that times out they will try the next one. So half your visitors will see a delay equal to the timeout used by their networking stack. This isn't exactly the same as the site being down altogether.

According to MS the connection just dies. It may be different though for Linux.

Well Linux will try the returned IP addresses in order.

I have no recollection of how Windows deals with that, but I'd be surprised (sort of) if it simply ignores the additional IP addresses provided by DNS. Any Windows networking experts here?

A few sites I have read up on all say that the DNS has no way of knowing if the server is up and down. From my understanding the round robin DNS just does it's job of directing the request to each IP address in turn and does not have a way of knowing if it succeeded. A few links I found on the subject are below...

http://content.websitegear.com/article/load_balance_methods.htm

http://www.microsoft.com/technet/itsolutions/ecommerce/maintain/operate/d5nlb.mspx

Well DNS definitely doesn't know if the server is up or down, but DNS resolvers actually return a list of IP addresses, not just one.
DNS servers rotate the order of that list, but they return the full list of addresses.
What the client program does with that list is up to it.

Here's an example to demonstrate what I mean:

~ 0 0 dig google.com

; <<>> DiG 9.2.3 <<>> google.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56202
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 4, ADDITIONAL: 4

;; QUESTION SECTION:
;google.com. IN A

;; ANSWER SECTION:
google.com. 300 IN A 216.239.57.99
google.com. 300 IN A 216.239.37.99
google.com. 300 IN A 216.239.39.99
<additional output snipped>

I know Linux browsers and programs like wget and rsync will use that list to find an IP address that does work from the list, I just don't know whether IE on Windows does that or not.
My guess would be that it does.

It will be interesting to see others views on this. I have always had the understanding like I mentioned above that it is not great for high availability because the record needs to be manually removed.

Lets see what others say on this. I am interested to know :)

Round Robin wont do the trick for failover. What you need is an application/service that does a bit more and does the work of updating the IP for you if one server fails. You can get such a service from:
http://www.zoneedit.com

or various software for your server if your running your own hardware.

Would a load balancer take card of this? Can it detect which servers are up/down and direct traffic appropriately?

This comes up here time and time again. To do what is being asked for (immediate failover between hosts, not round-robbin DNS balancing) requires at least one host which is always up and responding to your site IP. That host then routes requests between your other hosts based on availability. This now requires three hosts and all you are really doing is moving your point of failure from the web host to the failover/balancing host.

What you need is an application/service that does the work of updating the IP for you if one server failsIt's true that within the current DNS system, dynamic DNS (or setting short TTLs and manually or automatically changing the IP) are the only inexpensive options, but while they might help if you have seriously bad down-time, they don't address the fact that local caching DNS servers won't update IP addresses immediately and you'll still be down for hours to a good portion of the world every time the IP changes.

Thing is, a DNS based solution only helps if you have incredibly bad down time (measured in hours or days, not minutes). If you don't need load balancing, it is far more effective to simply get a single host who has decent uptime in the first place.

Originally posted by Stormhosts

I have always had the understanding like I mentioned above that it is not great for high availability


It's not great, but if you have two servers and one of them fails (hardware) it can make a huge difference.

I agree with you there! It does help. I was just meaning for ultimate uptime (availability) it isnt the best option. It does work good for a free alternative though.

This is really interesting.

There seem to be two scenarios, if I understood correctly.

CASE 1. NS are on the same machine as the web server (ns1 and ns2).
Most of us small providers (in my case i only cater for my own clients) have the name servers and the web host on the same machine, so that if things get ugly, everything goes down at the same time. If this is the case, is it not worth getting a secondary DNS (ns3 and ns4) with someone like dyndns.org and, in normal times, have them pointing to the same as ns1 and ns2, but when the main server is down (so that also ns1 and ns2 are not available) one could manually re-point ns3 and ns4 (which are elsewhere) to a mirror web server. Or is there a way to do this automatically?
Also, as cPanel usually configure new hosting account's NS automagically, this means that when adding an account on the main server, ns1 and ns2 are automatically configured, but ns3 and ns4 must be edited manually. Is this correct?

CASE 2. The NS's are elsewhere, not on the same IP/machine as the web server.
We assume this autoritative NS's are reliable. In this case there is an A record pointing to the IP of the web server. If the web server goes down, the site goes, but the NS is still active. Is in this case the best strategy to have a secondary A record pointing to a mirror server at the NS? Would we be trapped with the RR mechanism, because of course we do not want in normal time, users to go to the backup (slower) web server. Is there a time setting that can be edited in the secondary A record, so that it gets used ONLY if the primary A record is not available? Or is there any other way?

Thanks a lot!

Regards, Cristiano

my experience of round robin url's is your browser will try the first ip in the list it recieves and if its down you get an error, it doesnt try all the ip's in the list. Its good for load sharing but not a redundancy solution.

Originally posted by SROHost
This comes up here time and time again. To do what is being asked for (immediate failover between hosts, not round-robbin DNS balancing) requires at least one host which is always up and responding to your site IP. That host then routes requests between your other hosts based on availability. This now requires three hosts and all you are really doing is moving your point of failure from the web host to the failover/balancing host.for failover, two is enough actually, with M being the 'master', and S being the 'slave' DNS servers for a website. normally M and S would have the same DNS records. S runs a monitoring script every n seconds, and when M becomes unreachable, change the A records for the website to S (possibly with a lower-than-usual TTL).

when looking up the website, recursive DNS resolvers will timeout when querying M, and (at least this is the behavior with BIND) will failover to query S, which is now serving S's address. consequently, the client will access the website on S instead of M.

when M becomes reachable again, S will change the A records back to to M's address.

of course, the speed of this failover depends largely on n (the frequency of monitoring) and the TTL of the A records ;)